﻿#pragma once
#include<string>
#include"stdafx.h"
#include<map>
#include<set>
#include"util.h"
using namespace std;
/*
*权限管理类，
*提供新增用户
*以及用户权限的简单管理
*/
class Authority
{
public:
	Authority() {
		string user_host, pwd, info;
		char c_pwd[33] = { 0 }, c_user_host[44] = { 0 }, c_info[101] = { 0 };
		authFile.Open(L"data/system/user.trd", CFile::modeRead | CFile::typeBinary, NULL);
		while (authFile.Read(c_user_host, 43) != 0) {
			authFile.Read(c_pwd, 32);
			user_host = c_user_host;
			pwd = c_pwd;
			LoginAuthMap.insert(pair<string, string>(user_host, pwd));
		}
		authFile.Close();
		authFile.Open(L"data/system/auth.trd", CFile::modeRead | CFile::typeBinary, NULL);
		while (authFile.Read(c_info, 100) != 0) {
			info = c_info;
			authSet.insert(info);
		}
		authFile.Close();
	};

	~Authority() {};

	//用户是否存在
	bool userExist(string user_host) {
		map<string, string>::iterator iter = LoginAuthMap.find(user_host);
		if (LoginAuthMap.end() != iter) {
			return true;
		}
		return false;
	}

	//是否具有root权限
	bool isRoot(string user_host) {
		set<string>::iterator iter = authSet.find(user_host + "*");
		if (authSet.end() != iter) {
			return true;
		}
		return false;
	}

	//是否具有删除数据库的权限
	bool dropDB(string user_host, string db) {
		set<string>::iterator iter = authSet.find(user_host + "*");
		if (authSet.end() != iter) {
			return true;
		}
		iter = authSet.find(user_host + db + "*");
		if (authSet.end() != iter) {
			return true;
		}
		return false;
	}

	//登录权限认证
	bool Authentication(string user_host, string pwd) {
		map<string, string>::iterator iter = LoginAuthMap.find(user_host);
		if (LoginAuthMap.end() != iter) {
			if (iter->second == Password(pwd)) {
				return true;
			}
			return false;
		}
		return false;
	};
	//登录权限认证
	bool Authentication(string user, string ip, string pwd, string &user_host) {
		user_host = user + "@*";
		map<string, string>::iterator iter = LoginAuthMap.find(user_host);
		if (LoginAuthMap.end() != iter) {
			if (iter->second == Password(pwd)) {
				return true;
			}
			return false;
		}
		user_host = user + "@" + ip;
		return Authentication(user_host, pwd);
	};

	//权限判断，限制不同用户对不同的数据库及数据表的访问
	bool Auth_Judge(string user_host, string db, string table) {
		set<string>::iterator iter = authSet.find(user_host + "*");
		if (authSet.end() != iter) {
			return true;
		}
		iter = authSet.find(user_host + db + "*");
		if (authSet.end() != iter) {
			return true;
		}
		iter = authSet.find(user_host + db + table);
		if (authSet.end() != iter) {

			return true;
		}
		return false;
	};

	//只有对user表有权限的用户才能够更改密码
	bool Update_Pwd(string user_host, string new_pwd, string &msg) {
		map<string, string>::iterator iter = LoginAuthMap.find(user_host);
		if (LoginAuthMap.end() != iter) {
			iter->second = Password(new_pwd);
			ReWriterUser();
			msg = "successful !";
			return true;
		}
		msg = "User does not exist!";
		return false;
	}


	//添加权限
	void Auth_insert(string user_host, string db, string table, string &msg) {

		//判断用户是否存在
		if (!userExist(user_host)) {
			msg = "User does not exist!";
			return;
		}

		//判断权限是否已经存在
		if (Auth_Judge(user_host, db, table)) {
			msg = "Duplicate permissions !";
			return;
		}

		if (table == "")
			table = "*";
		string info = user_host + db + table;
		const char*c_info = info.c_str();
		authSet.insert(info);
		authFile.Open(L"data/system/auth.trd", CFile::modeWrite | CFile::typeBinary, NULL);
		authFile.SeekToEnd();
		authFile.Write(c_info, 100);
		authFile.Close();
		msg = "successful !";
	};

	//删除用户
	void User_Drop(string user_host, string &msg) {
		if (!userExist(user_host)) {
			msg = "user does not  exsit !";
			return;
		}
		//删除用户
		map<string, string>::iterator iter = LoginAuthMap.find(user_host);
		LoginAuthMap.erase(iter);
		ReWriterUser();
		//删除用户权限
		set<string>::iterator it = authSet.begin();
		while (it != authSet.end()) {
			if ((*it).find(user_host) != -1) {
				set<string>::iterator temp = it;
				it++;
				authSet.erase(temp);
			}
			else
				it++;
		}
		ReWriterAuth();
	}

	void Show_Users(string &info) {
		info += "-----------------------------------------------------\r\n";
		info += "         user        |        password          \r\n";
		map<string, string>::iterator iter = LoginAuthMap.begin();
		while (iter != LoginAuthMap.end()) {
			info+=(*iter).first+"   |  ";
			info+=(*iter).second+ "\r\n";
			info += "-----------------------------------------------------\r\n";
			iter++;
		}
	}

	//添加用户
	void User_insert(string user_host, string pwd, string &msg) {
		if (userExist(user_host)) {
			msg = "user has exsit !";
			return;
		}
		pwd = Password(pwd);
		const char* c_user_host = user_host.c_str();
		const char* c_pwd = pwd.c_str();
		LoginAuthMap.insert(pair<string, string>(user_host, pwd));
		authFile.Open(L"data/system/user.trd", CFile::modeWrite | CFile::typeBinary, NULL);
		authFile.SeekToEnd();
		authFile.Write(c_user_host, 43);
		authFile.Write(c_pwd, 32);
		authFile.Close();
		msg = "successful！！";
	};

private:
	CFile authFile;
	map<string, string> LoginAuthMap;
	set<string>authSet;

	//重写文件
	void ReWriterUser() {
		authFile.Remove(L"data/system/user.trd");
		authFile.Open(L"data/system/user.trd", CFile::modeCreate);
		authFile.Close();
		authFile.Open(L"data/system/user.trd", CFile::modeWrite | CFile::typeBinary, NULL);
		map<string, string>::iterator iter = LoginAuthMap.begin();
		while (iter != LoginAuthMap.end()) {
			authFile.Write((*iter).first.c_str(), 43);
			authFile.Write((*iter).second.c_str(), 32);
			iter++;
		}
		authFile.Close();
	}


	void ReWriterAuth() {
		authFile.Remove(L"data/system/auth.trd");
		authFile.Open(L"data/system/auth.trd", CFile::modeCreate);
		authFile.Close();
		authFile.Open(L"data/system/auth.trd", CFile::modeWrite | CFile::typeBinary, NULL);
		set<string>::iterator it = authSet.begin();
		while (it != authSet.end()) {
			authFile.Write((*it).c_str(), 100);
			it++;
		}
		authFile.Close();
	}


};
